Why Every Indian Developer Using Supabase Needs a Reverse Proxy
If you ship software for Indian users and depend on Supabase, you are one government order away from a total outage. That is not a hypothetical. It already happened. And it will happen again.
India has a pattern of blocking developer tools
In October 2025, millions of Indian internet users woke up to find that Medium.com was inaccessible. No warning, no public notice from ISPs, no transition period. The platform simply stopped resolving on Jio, Airtel, and BSNL networks. Developers who hosted technical blogs, documentation links, and engineering postmortems on Medium found their content unreachable for the largest internet audience on the planet.
That was not an isolated event. In August 2025, BSNL blocked a series of developer platforms with no explanation, affecting raw GitHub content (raw.githubusercontent.com), certain Firebase endpoints, and a growing list of SaaS APIs. Before that, there were temporary blocks on Telegram, Reddit, and various VPN services.
And now, Supabase. The entire *.supabase.co domain is DNS-blocked across major ISPs following a government ministry order. Every REST query, every auth call, every realtime subscription, every storage upload -- all of it returns ERR_CONNECTION_TIMED_OUT.
The takeaway is not that any single block is unusual. The takeaway is that blocking developer infrastructure is now a recurring pattern. If your stack depends on a third-party domain, you should assume that domain will eventually be blocked in at least one major market.
The scale of the problem is staggering
India is not a niche market. It is the single largest connected population on earth by active mobile internet users. When an ISP block hits, the blast radius is enormous.
India is home to the second-largest developer community in the world. Thousands of startups, indie hackers, and enterprise teams use Supabase as their backend. When Supabase goes dark on Jio alone, you instantly lose access to more users than the entire population of the European Union. This is not a minor inconvenience. It is an existential threat to any product that depends on Supabase and serves Indian users.
What happens when your backend goes dark
When an ISP blocks your backend domain, the failure mode is catastrophic and silent. There is no graceful degradation. Your frontend loads, the UI renders, and then every API call hangs until it times out. From the user's perspective, the app is broken.
User impact
Authentication fails. Data does not load. Realtime features go silent. Users cannot sign up, cannot log in, cannot use your product. They do not see an error message explaining the ISP block -- they just see a broken app and leave.
Revenue loss
Every hour of downtime is lost revenue. For a SaaS product with paying Indian customers, an ISP block can mean days or weeks of zero conversions from the largest mobile market in the world. By the time you diagnose the issue and deploy a fix, the damage is done.
Trust erosion
Users do not care why your app is broken. They do not read your Twitter thread explaining that Jio is blocking Supabase. They switch to a competitor. Trust, once lost, is extraordinarily difficult to rebuild -- especially in a market where users have dozens of alternatives one tap away.
Why DNS changes and VPNs fail as solutions
The most common advice in developer communities when a block hits is to change your DNS to 1.1.1.1 or 8.8.8.8, or install a VPN. This advice is well-intentioned but fundamentally misunderstands the problem.
Your end users cannot configure DNS. You are not building for developers. Your users are on Jio 4G on an Android phone. They do not know what DNS is, and they should not need to.
Mobile networks ignore custom DNS. On most Indian mobile networks, custom DNS settings on the device are silently overridden. The carrier injects its own DNS resolver at the network level, making client-side DNS changes ineffective.
Deep Packet Inspection bypasses DNS entirely. Some ISPs use DPI to inspect the SNI (Server Name Indication) field in TLS handshakes. Even if DNS resolves correctly, the connection is dropped at the network level when the SNI matches a blocked domain.
VPNs are a developer workaround, not a product solution. A VPN works for you, the developer, during development. It does not work for the hundreds of thousands of users who need your production app to function without extra software.
The fix has to be at the infrastructure level. Something your users never see, never install, and never configure.
The case for infrastructure resilience
Modern web applications are built on layers of third-party services. Your database is hosted by one provider, your auth by another, your storage by a third, your CDN by a fourth. Each of these services exposes a domain name, and each of those domain names is a single point of failure.
In a market where ISPs can and do block domains at will, depending on a single domain for a critical service is an architectural vulnerability. It is the equivalent of running a production database without backups. It works fine until it does not.
Principle
Never depend on a single domain for a critical path in your application.
If your app calls xyz.supabase.co directly from the client, you have zero fallback when that domain becomes unreachable. A proxy layer on a domain you control gives you the ability to reroute traffic, switch backends, and survive blocks without pushing a client update.
How a reverse proxy works
The concept is simple. Instead of your frontend calling Supabase directly, it calls your proxy domain. The proxy, running on infrastructure that is not blocked, forwards the request to Supabase, receives the response, and sends it back to the client. The user never interacts with the blocked domain.
The ISP's DNS block or DPI filter looks at the domain the client is connecting to. Since the client connects to myapp.jiobase.com (which resolves to Cloudflare IPs), the ISP has no reason to block it. The proxy then makes the request to Supabase from Cloudflare's network, which is outside the ISP's jurisdiction.
This works for HTTP REST calls, authentication flows, file storage operations, and critically, WebSocket connections used by Supabase Realtime. The proxy detects WebSocket upgrade headers and establishes a bidirectional relay, so subscriptions, presence, and broadcast all function normally.
DIY vs. managed proxy: the real tradeoffs
You can absolutely build a Supabase proxy yourself. A basic Cloudflare Worker that forwards requests is roughly 50 lines of code. But "basic forwarding" and "production-grade proxy" are very different things.
| Concern | DIY proxy | Managed (JioBase) |
|---|---|---|
| HTTP forwarding | Straightforward | Handled |
| WebSocket / Realtime | Complex to implement correctly | Built-in, tested at scale |
| CORS configuration | You handle edge cases | Configurable per-app |
| Rate limiting | Build from scratch | Included |
| Analytics / monitoring | Add your own logging | Dashboard with real-time metrics |
| Custom domains | Manual DNS + certificate setup | One-click CNAME setup |
| Ongoing maintenance | Your responsibility | Managed for you |
The DIY approach makes sense if you have a single Supabase project, no WebSocket needs, and the engineering capacity to maintain the proxy alongside your actual product. For everyone else, the time spent building and maintaining proxy infrastructure is time not spent building features your users care about.
Building for the Indian market
If India is a target market for your product -- and given its developer population and growth trajectory, it probably should be -- you need to design your architecture with the assumption that any external domain can be blocked at any time. This is not paranoia. It is pattern recognition.
Anticipate blocks. Assume any third-party domain can become unreachable. Design fallback paths into your architecture from day one, not as a hotfix when things break.
Use custom domains for everything. Your API, your auth endpoint, your storage -- all of it should be behind a domain you own. If your backend is api.yourstartup.com instead of xyz.supabase.co, you can reroute traffic at the DNS level without touching client code.
Add a proxy layer. A reverse proxy running on edge infrastructure gives you a buffer between your users and your backend provider. It is an insurance policy against domain-level disruption.
Monitor ISP reachability. Set up synthetic monitoring from Indian IP ranges. You should know about a block before your users report it, not after your support queue is overflowing.
These are not advanced techniques. They are table stakes for any product that takes the Indian market seriously. The developers who build this resilience into their stack from the start will have an enormous advantage over those scrambling to patch things after the next block.
Resilience is not optional. It is a product requirement.
There was a time when infrastructure resilience meant having database replicas and multi-region deployments. In India's regulatory environment, it now also means ensuring that no single blocked domain can take your entire product offline.
The Medium block, the BSNL blocks, the Supabase block -- these are not bugs in the system. This is how the system works. Indian ISPs will continue to comply with government orders. Those orders will continue to arrive without warning and without clear timelines for reversal.
As developers building for this market, we have two choices. We can treat each block as a one-off crisis, scrambling for workarounds and hoping it gets resolved. Or we can accept that domain-level disruption is a permanent feature of the Indian internet landscape and build our architectures accordingly.
A reverse proxy is not a clever hack. It is infrastructure. And in India, it is essential infrastructure.
Frequently Asked Questions
Why is Supabase blocked in India?
*.supabase.co following a government ministry order. The block affects Jio, Airtel, ACT Fibernet, and other providers. The exact reason has not been publicly disclosed, which is common with Indian ISP blocks.Will the block be lifted eventually?
Is using a proxy to bypass ISP blocks legal in India?
Should I add a proxy even if my users are not in India?
How do I set up a proxy quickly?
Get started
Try JioBase free
Deploy your own Supabase reverse proxy in under 60 seconds. One command. Full API support including Realtime WebSockets. Free and open-source.
npx create-jiobase — self-host on Cloudflare Workers
Suggested reading
More guides on Supabase, DNS blocks, and building resilient apps in India.
Supabase Blocked in India: What Happened and How to Fix It
Indian ISPs are DNS-blocking *.supabase.co. Here is everything you need to know and how to fix it.
How to Proxy Supabase Through Cloudflare Workers (Step-by-Step)
A detailed tutorial on setting up a Cloudflare Worker reverse proxy for Supabase.
Supabase Alternatives for Indian Developers (2026 Comparison)
Evaluating Appwrite, Nhost, PocketBase, self-hosting, and custom backends as alternatives.